CyberNB Q&A with Difenda

Share

Text Size

CyberNB is the only government mandated agency to focus on growing its cybersecurity ecosystem. As part of the announcement Difenda is opening its second Cyber Command Centre in Frederiction, CyberNB interviewed our own Richard Kitney to learn why it was important to make the move to New Brunswick.

CyberNB: Can you give us a brief overview of Difenda and your role there?

Kitney: My role is Vice President, Strategic Initiatives (Talent and Markets). Both talent and marketing are extremely important for a cybersecurity consulting and managed services organization. Cybersecurity is not a department of any division in a larger context at Difenda. All of the people in our security operations centre have just the one focus and that is protecting the information of our clients. The whole organization is focused on our clients’ security needs. Our clients tend to be in a variety of critical sectors including health, finance, insurance, banking, retail, mining and technology. They rely on us to help monitor, detect and respond to their cybersecurity issues.

CyberNB: What would you say is Difenda's key differentiator in the marketplace?

Kitney: It has to do with our focus on Managed Detection and Response (MDR). We monitor the networks of our clients with big data, analytics engines. What we are looking for are intruders, patterns of behaviour demonstrated by past intruders and brand-new patterns that are not on the record. Traditionally these alerts of suspicious behaviour were simply passed on to the client to deal with, but we are in a new environment today where the threat has become very sophisticated. Our clients’ expertise is in their own primary areas of business – not in cybersecurity and they can find it very challenging to maintain a resource pool and in-depth knowledge across so many technologies. Therefore, if we warn our clients but they are unable to act on the warning, in order to keep them secure we need to take our service to another level, which is what we have done.

Our ground-breaking differentiation is both in the use of automation and our ability to help with the Response. We now have the ability to take on the responsibility to ensure that the threat is contained, the incident is responded to, and we are able to bring client operations back to normal. I think that area of emphasizing the Response in MDR is what makes us stand out and be able to provide our clients with greater assurance of breach protection.

CyberNB: We are excited for Difenda to be joining our cybersecurity ecosystem in New Brunswick, can you tell us why Fredericton was chosen for Difenda's expansion?

Kitney: For quite a while now New Brunswick has demonstrated that it has serious intent to create an environment in which organizations like Difenda can thrive. With ONB and CyberNB we were absolutely ready to follow through with setting up our second site in Canada. Having looked at New Brunswick for a while now, (we have had contract staff in the past operating out of New Brunswick doing remote work with us for some of our clients), we knew that New Brunswick was the source for the kind of resources that we needed. Another benefit to choosing New Brunswick is the bilingual workforce which is extremely valuable in that regard as well.

Choosing New Brunswick to have our major second presence in Canada when it comes to Cyber Command Centres was a no-brainer.

CyberNB: Cybercrime is continuing to increase; do you think that small and medium enterprises understand the risk of cybercrime?

Kitney: You don't know what you don't see. Intrusions usually are not seen if companies do not have any sophistication in their monitoring and defences. It is typically 100-200 days after initial intrusion before companies are generally even aware that they have been breached. They are most often told by a third-party. They do not usually find out themselves, so can be in a state of breach without knowing it, for years. Visibility is key in helping small and medium companies understand the risk they face.

Additionally, we depend upon awareness programs, and examples in the news of other breaches, to finally edge companies to the point where they understand they cannot manage this on their own and need to bring companies like Difenda in to help protect them. It is not a matter of if you will be breached, it is a matter of when, how often and how damaging the breaches will be The monitoring that we are doing is absolutely essential, but the foundational defence that a company can develop is to ensure that their people are knowledgeable and aware of the risks. This is not just the people in IT, but everyone across the whole organization. Everyone in an organization needs to know how to minimize vulnerability, for example, phishing. If you are not educating your employees, which we can help you do, you are not taking advantage of the most effective foundational response you can make to improve your chances of being protected.

This post contains content originally posted on the CyberNB blog and is used with their permission.